Installing suPHP

1Jan/101

suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.

1. Install suPHP

apt-get install libapache2-mod-suphp

2. Disable the php5 apache module

a2dismod php5

3. Restart Apache

/etc/init.d/apache2 restart

4. You can test if suPHP is working correctly by creating a php file containing the following lines:

<?php system('id'); ?>

The script will return user/group id and name. Make sure you set the file owner to a user/group with id greater than 99.

Share and Enjoy:

Tagged as: apache, php5, Security, suphp Leave a comment

Comments (1) Trackbacks (0) ( subscribe to comments on this post )

Ian
January 12th, 2011 - 13:23

Step 1.5 – If, like everyone else I know, you’re not using Debian’s default location (/var/www/) for your webpages, you also need to edit /etc/suphp/suphp.conf and change:

;Path all scripts have to be in
docroot=/var/www/

to, if you have them somewhere in people’s home directories:

;Path all scripts have to be in
docroot=/home/

No trackbacks yet.

« Blacklisting e-mail addresses using MailScanner Scan your web server for vulnerabilities with Nikto »

Debian Tutorials

Easy to use copy/paste tutorials to install and configure various applications and services in Debian based Linux distros

Debian Tutorials Copy/Paste tutorials for Debian based Linux distros

Installing suPHP

Leave a comment

Debian Tutorials

Tag Cloud

Categories

Popular Tutorials